The Badge Archive

Fulfills Step 5 of GSUSA Cadette Cybersecurity Investigator badge requirements.

Info Needed for badge requirements: Hackers use various techniques to steal information or access private data. Scouts should be aware of these attack types:

• Phishing: Hackers trick people through fake emails or messages with harmful links, attachments, or requests for personal information.
• Spoofing: Hackers pretend to be someone trustworthy, like a friend or company, to access your details.
• Malware: Malicious software damages devices or steals information.
• Spyware: Software secretly gathers private information from your device.
• Ransomware: Hackers lock your files and demand payment to restore access.
• SMS Phishing (Smishing): Hackers send fake text messages to steal data.
• Man-in-the-Middle: Hackers intercept messages to spy or steal information.
• Data Breach: Sensitive information is stolen or exposed by targeting organizations.

Scouts can protect themselves online using these strategies:

• Strong Passwords: Create unique and hard-to-guess passwords for your accounts.
• Back Up Your Data: Save important files in secure locations like external drives or cloud storage.
• Anti-Virus Software: Install programs to block harmful software and monitor activity.
• Software Updates: Keep devices updated to close security gaps. Updates protect devices from hackers exploiting older systems.
• Pop-Up Blockers: Stop accidental clicks on harmful ads or links.
• Think before you click: Avoid links in emails or messages from unknown senders. Always verify the source before clicking links in emails or texts.
• Verify sources: Always check if the person or organization contacting you is real.

What Information Should Scouts Protect?
Personal information is valuable to hackers. Scouts should keep the following private:

• Name
• Birthday
• Home Address
• Email Address
• Bank Account Number
• Phone Number
• Password
• Driver’s License Number
• Credit Card Number

---

Items Needed

• Index cards or pieces of paper with scenarios written on them (examples below).
• Three labeled envelopes or containers for sorting (“Phishing,” “Spoofing,” and “Malware”).

Instructions

1. Share the required information needed for the badge.
2. Scouts will act as “cybersecurity detectives” to sort scenarios into the correct envelope or container.
3. Hand out scenario cards to scouts (one or two per scout).
4. One by one, scouts read their scenario aloud and place the card in the corresponding envelope or container. Discuss why they chose that category and help clarify if needed.

Scenarios

Phishing Scenarios:

1. An email claims, “Your account has been compromised! Click this link to reset your password.”
2. A pop-up says, “You’ve won a $1,000 gift card! Enter your information to claim it.”
3. A message from a fake charity asks for donations using a suspicious link.
4. An email warns, “Urgent! Your payment failed. Click here to fix it now.”
5. A text pretends to be from a delivery service, asking you to confirm your payment details for a package.

Spoofing Scenarios:
6. An email pretends to be from your school, asking for your login information.
7. A fake message appears to be from your bank, asking you to confirm your account number.
8. Someone pretends to be a friend or family member on social media, asking for your address.
9. A scammer sends a fake email from an online store, asking for your credit card to “verify your purchase.”
10. An email mimics a tech support team and asks you to provide your password for troubleshooting.

Malware Scenarios:
11. Clicking on a pop-up ad installs harmful software on your device.
12. A suspicious file attachment in an email infects your computer when opened.
13. Visiting an untrustworthy website triggers a program that damages your device.
14. A download labeled as a “free game” contains software that steals your information.
15. An outdated app on your device is exploited by hackers to install malicious software.